3-D Secure (3-Domain Secure), also known as Payer Authentication is a security protocol to prevent fraud in online credit and debit card transactions. At present, this service is offered by Visa and MasterCard under the name Verified by Visa and MasterCard SecureCode respectively.
Payer Authentication is a three party process. The parties involved are: the vendor, the acquirer (the bank that processes the payment) and the card issuers (i.e. Visa or MasterCard).
In order to activate this service, the cardholder has to register for it. The card user has first to provide some personal details and subsequently, he has to create a PIN number that will be assigned to his personal credit or debit card. This feature enables banks to confirm the cardholder’s identity while purchasing goods and services.
The 3-D Secure Password will automatically be requested every time a cardholder buys something online from participating retailers and no online transaction would be able to take place without it. However, it can happen that despite being registered for Payer Authentication you will not be asked for your password while shopping online. This simply means that the retailer you are buying from is not taking part in the scheme.
Registration of the 3-D Secure Password should be done for every single card independently and it cannot be cancelled. Yet, in the case a credit or debit card is renewed, there is no need to register the card replacement once again into the scheme. In the case of a card cancellation, the service is cancelled automatically along with it.
Online transactions done by cardholders who have not enrolled into the Payer Authentication scheme will continue to operate normally.
One of the benefits of 3-D Secure is fraud reduction. It also makes online shopping/ trade safer, nurtures consumer brand loyalty, is easy to use, enhances customer’s trust on websites and consequently increases online spending.
The 3-D Secure service has some restrictions: firstly, not all cards are currently participating in the payer authentication program and secondly, it does not prevent chargebacks to happen but it definitively reduces the expenses from deceitful chargebacks.
In terms of liability, 3-D Secure should be seen as an extra protection layer provided by the card issuer. Indeed, in case a fraudulent transaction happens to be authenticated through 3-D Secure, it is highly probable that liability will be shifted to the acquiring bank. Simply put, retailers are protected against deceitful chargebacks since there is a chargeback liability shift.
American Express is also offering a Payer Authentication service called American Express SafeKey. So far, this service is only available in the following selected countries: Australia, China, Greece, Cyprus, France, Germany, Hong Kong, India, Italy, Japan, Malaysia, Netherlands, Russia, Singapore, Spain, Switzerland, Turkey, United Kingdom and Vietnam.
Expansion of the American Express SafeKey scheme to other markets is done upon request of the issuing bank or merchant, after considering the market’s potential and/or the governmental requisites and regulations.